diff --git a/addons-cluster/mysql/values.schema.json b/addons-cluster/mysql/values.schema.json index ea3517ef4..854ab31e5 100644 --- a/addons-cluster/mysql/values.schema.json +++ b/addons-cluster/mysql/values.schema.json @@ -68,6 +68,7 @@ "semisync", "semisync-proxysql", "mgr", + "mgr-proxysql", "orc", "orc-proxysql" ] diff --git a/addons/mysql/config/proxysql.tpl b/addons/mysql/config/proxysql.tpl index fcfcbd6fe..eabbf754e 100644 --- a/addons/mysql/config/proxysql.tpl +++ b/addons/mysql/config/proxysql.tpl @@ -33,7 +33,7 @@ admin_variables= cluster_mysql_users_diffs_before_sync="3" cluster_proxysql_servers_diffs_before_sync="3" admin_credentials="admin:${PROXYSQL_ADMIN_PASSWORD};cluster:${PROXYSQL_CLUSTER_PASSWORD}" - admin-hash_passwords="true" + hash_passwords="false" cluster_check_interval_ms="200" cluster_mysql_servers_save_to_disk="true" cluster_mysql_users_save_to_disk="true" diff --git a/addons/mysql/scripts/configure-proxysql.sh b/addons/mysql/scripts/configure-proxysql.sh index 0f6123edc..01a4b6548 100644 --- a/addons/mysql/scripts/configure-proxysql.sh +++ b/addons/mysql/scripts/configure-proxysql.sh @@ -86,10 +86,6 @@ mysql_version=$(mysql_exec $MYSQL_ROOT_USER $MYSQL_ROOT_PASSWORD $BACKEND_SERVER log "connecting to mysql $MYSQL_ROOT_USER $MYSQL_ROOT_PASSWORD $BACKEND_SERVER $MYSQL_PORT" mysql_exec $MYSQL_ROOT_USER $MYSQL_ROOT_PASSWORD $BACKEND_SERVER $MYSQL_PORT "$additional_sys_query" $opt -mysql_exec $MYSQL_ROOT_USER $MYSQL_ROOT_PASSWORD $BACKEND_SERVER $MYSQL_PORT << EOF -CREATE USER 'monitor'@'%' IDENTIFIED BY 'monitor'; -GRANT USAGE, REPLICATION CLIENT ON *.* TO 'monitor'@'%'; -EOF # wait for proxysql process to run wait_for_mysql admin ${PROXYSQL_ADMIN_PASSWORD} 127.0.0.1 6032 diff --git a/addons/mysql/templates/_helpers.tpl b/addons/mysql/templates/_helpers.tpl index 5431cdf92..8dac9b157 100644 --- a/addons/mysql/templates/_helpers.tpl +++ b/addons/mysql/templates/_helpers.tpl @@ -134,7 +134,8 @@ systemAccounts: passwordGenerationPolicy: *defaultPasswordGenerationPolicy - name: proxysql statement: - create: CREATE USER IF NOT EXISTS '${KB_ACCOUNT_NAME}' IDENTIFIED BY '${KB_ACCOUNT_PASSWORD}'; GRANT SELECT ON performance_schema.* TO '${KB_ACCOUNT_NAME}'; GRANT SELECT ON sys.* TO '${KB_ACCOUNT_NAME}'; + create: CREATE USER ${KB_ACCOUNT_NAME} IDENTIFIED BY '${KB_ACCOUNT_PASSWORD}'; GRANT REPLICATION CLIENT, USAGE ON ${ALL_DB} TO ${KB_ACCOUNT_NAME}; + passwordGenerationPolicy: *defaultPasswordGenerationPolicy vars: - name: CLUSTER_NAME valueFrom: @@ -317,7 +318,12 @@ systemAccounts: letterCase: MixedCases - name: proxysql statement: - create: CREATE USER IF NOT EXISTS '${KB_ACCOUNT_NAME}' IDENTIFIED BY '${KB_ACCOUNT_PASSWORD}'; GRANT SELECT ON performance_schema.* TO '${KB_ACCOUNT_NAME}'; GRANT SELECT ON sys.* TO '${KB_ACCOUNT_NAME}'; + create: CREATE USER ${KB_ACCOUNT_NAME} IDENTIFIED BY '${KB_ACCOUNT_PASSWORD}'; GRANT USAGE, REPLICATION CLIENT ON *.* TO ${KB_ACCOUNT_NAME}; + passwordGenerationPolicy: + length: 16 + numDigits: 8 + numSymbols: 0 + letterCase: MixedCases tls: volumeName: tls mountPath: /etc/pki/tls diff --git a/addons/mysql/templates/clusterdefinition.yaml b/addons/mysql/templates/clusterdefinition.yaml index bcd2a33ca..16745fcf7 100644 --- a/addons/mysql/templates/clusterdefinition.yaml +++ b/addons/mysql/templates/clusterdefinition.yaml @@ -37,6 +37,22 @@ spec: update: # When there are multiple component update operations, follow the order specified here. - mysql - proxysql + - name: mgr-proxysql + components: + - name: mysql + compDef: {{ include "mysql.cmpdMGRNamePrefix" . }} + - name: proxysql + compDef: {{ include "proxysql.componentDefName" . }} + orders: + provision: # The server will start before the proxy is created. + - mysql + - proxysql + terminate: # The proxy will be shut down (destroyed) before the server. + - proxysql + - mysql + update: # When there are multiple component update operations, follow the order specified here. + - mysql + - proxysql - name: semisync-proxysql components: - name: mysql